diff --git a/re2o/settings.py b/re2o/settings.py index bdc6eb21..be2eea1a 100644 --- a/re2o/settings.py +++ b/re2o/settings.py @@ -12,7 +12,7 @@ https://docs.djangoproject.com/en/1.8/ref/settings/ # Build paths inside the project like this: os.path.join(BASE_DIR, ...) import os -from .settings_local import SECRET_KEY, DATABASES, DEBUG, ALLOWED_HOSTS +from .settings_local import SECRET_KEY, DATABASES, DEBUG, ALLOWED_HOSTS, ASSO_NAME, ASSO_ADDRESS_LINE1, ASSO_ADDRESS_LINE2, ASSO_SIRET, ASSO_EMAIL, ASSO_PHONE BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) @@ -20,15 +20,6 @@ BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) # Quick-start development settings - unsuitable for production # See https://docs.djangoproject.com/en/1.8/howto/deployment/checklist/ -# Association information - -ASSO_NAME = "ReZo Metz" -ASSO_ADDRESS_LINE1 = "2, rue Edouard Belin" -ASSO_ADDRESS_LINE2 = "57070 Metz" -ASSO_SIRET = "" -ASSO_EMAIL = "tresorier@ecole.fr" -ASSO_PHONE = "01 02 03 04 05" - # Auth definition PASSWORD_HASHERS = ( @@ -134,3 +125,9 @@ STATICFILES_DIRS = ( STATIC_URL = '/static/' STATIC_ROOT = os.path.join(BASE_DIR, 'static_files') + +RIGHTS_LINK = { + 'cableur' : ['bureau','infra','bofh','trésorier','bofh'], + 'bofh' : ['bureau','trésorier'], + } + diff --git a/users/models.py b/users/models.py index 80e4c089..34c0da70 100644 --- a/users/models.py +++ b/users/models.py @@ -3,6 +3,7 @@ from django.db.models import Q from django.forms import ModelForm, Form from django import forms +from re2o.settings import RIGHTS_LINK import re from django.utils import timezone @@ -137,8 +138,12 @@ class User(AbstractBaseUser): def has_perms(self, perms, obj=None): for perm in perms: - if perm == 'cableur' and Right.objects.filter(Q(user=self) & (Q(right__listright='admin') | Q(right__listright='bureau') | Q(right__listright='infra'))): - return True + if perm in RIGHTS_LINK: + query = Q() + for right in RIGHTS_LINK[perm]: + query = query | Q(right__listright=right) + if Right.objects.filter(Q(user=self) & query): + return True try: Right.objects.get(user=self, right__listright=perm) except Right.DoesNotExist: diff --git a/users/views.py b/users/views.py index 50fac1c0..d1515ed4 100644 --- a/users/views.py +++ b/users/views.py @@ -161,7 +161,7 @@ def add_ban(request, userid): ban.save() messages.success(request, "Bannissement ajouté") return redirect("/users/profil/" + userid) - if is_ban(user): + if user.is_ban(): messages.error( request, "Attention, cet utilisateur a deja un bannissement actif"